The branch, v4-15-stable has been updated via c3bff29ce35 VERSION: Disable GIT_SNAPSHOT for the 4.15.10 release. via e87c9ae8178 WHATSNEW: Add release notes for Samba 4.15.10. via d4e11e82ecd s3: smbd: Fix memory leak in smbd_server_connection_terminate_done(). via 6b5792b0a2c smbd: check for streams support in unix_convert() via fa6012b63ab smbd: return NT_STATUS_OBJECT_NAME_INVALID if a share doesn't support streams via c5796b0c7a3 smbtorture: add a test trying to create a stream on share without streams support via 77d1d989d1c smbd: implement access checks for SMB2-GETINFO as per MS-SMB2 3.3.5.20.1 via 3e4d6d27213 smbtorture: check required access for SMB2-GETINFO via 41131daece9 s4/libcli/smb2: avoid using smb2_composite_setpathinfo() in smb2_util_setatr() via ab0f75acbbc smbd: directly pass fsp to SMB_VFS_FGETXATTR() in fget_ea_dos_attribute() via 135b59d00a7 smbd: add and use vfs_fget_dos_attributes() via 1115b311c37 smbtorture: add test smb2.stream.attributes2 via 6369f59f38a smbtorture: rename smb2.streams.attributes to smb2.streams.attributes1 via 1c5a02bfb41 vfs_default: assert all passed in fsp's and names are non-stream type via 82342c74390 vfs_streams_xattr: restrict which fcntl's are allowed on streams via a3f3f26a6bf smbd: skip access checks for stat-opens on streams in open_file() via 0fb876b34b2 smbd: use metadata_fsp() in get_acl_group_bits() via b1ebf29f202 smbd: ignore request to set the SPARSE attribute on streams via 95e658ad866 smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES() via ff3798ae0ff smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES() via f0a52d43373 smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL() via fc6121cade5 smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL() via 2412d67678b CI: add a test trying to delete a stream on a pathref ("stat open") handle via 216000dbe6d vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option via a3795100e42 vfs_xattr_tdb: add a module config via 6d8a013942e vfs_xattr_tdb: move close_xattr_db() via d6c0c4e1c55 smdb: use fsp_is_alternate_stream() in open_file() via 8391f3dce37 smbd: Introduce metadata_fsp() via 0acf72bf2f3 smbd: Introduce fsp_is_alternate_stream() via f6bb11dbaac lib:replace: Only include <sys/mount.h> on non-Linux systems via 907e4ce03ab s3: smbd: Plumb close_type parameter through close_file_in_loop(), file_close_conn() via 4c436dfe8cc s3: smbd: Add "enum file_close_type close_type" parameter to file_close_conn(). via 6cd04ec396c s3: smbd: Add "enum file_close_type close_type" parameter to close_cnum(). via 659dfb93c2a s3/smbd: Use after free when iterating smbd_server_connection->connections via 6b54bb8abea s3/smbd: Use after free when iterating smbd_server_connection->connections via 89110595b44 s3:smbd: only clear LEASE_READ if there's no read lease is left via ec1ad34f288 s4:torture/smb2: add smb2.lease.v[1,2]_bug_15148 via 93febc222bf s3:smbd: share_mode_flags_set() takes SMB2_LEASE_* values via bb66bbfa4e7 libcli/smb: Set error status if 'iov' pointer is NULL via 6b711620fe4 libcli/smb: Ensure we call tevent_req_nterror() on failure via 94bdda617e0 s3/util/py_net.c: fix samba-tool domain join&leave segfault via f9815fddb5e s3:rpcclient: Goto done in cmd_samr_setuserinfo_int() via 31617c2e6d7 mdssvc: return all-zero policy handle if spotlight is disabled via 0553d07c8d3 CI: fix check for correct mdsvc resonse when connecting to a share with Spotlight disabled via 2df19cddd55 mdssvc: convert mds_init_ctx() to return NTSTATUS via c38d9d6fe9b VERSION: Bump version up to Samba 4.15.10... via fca89646410 Merge tag 'samba-4.15.9' into v4-15-test via ca5abc39c1d s3:winbind: Use the canonical realm name to renew the credentials via e7ae7cba136 s3:winbind: Create service principal inside add_ccache_to_list() via 206c4f0094e nfs4_acls: Correctly skip chown when gid did not change via fce5a61033a s3:libads: Check if we have a valid sockaddr via ae5d715bd2c s4:libads: Fix trailing whitespaces in ldap.c via b70ea7082d6 smbd: Make non_widelink_open() robust for non-cwd dirfsp from c8fc01ca364 VERSION: Disable GIT_SNAPSHOT for the 4.15.9 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-15-stable - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 68 +++++- lib/replace/system/filesys.h | 4 +- lib/replace/wscript | 3 + libcli/smb/smbXcli_base.c | 12 +- selftest/knownfail | 3 +- selftest/target/Samba3.pm | 7 + source3/include/proto.h | 3 + source3/libads/ldap.c | 164 +++++++------ source3/modules/nfs4_acls.c | 2 +- source3/modules/vfs_default.c | 94 +++++--- source3/modules/vfs_streams_xattr.c | 33 +++ source3/modules/vfs_xattr_tdb.c | 293 ++++++++++++++--------- source3/rpc_server/mdssvc/mdssvc.c | 40 ++-- source3/rpc_server/mdssvc/mdssvc.h | 15 +- source3/rpc_server/mdssvc/srv_mdssvc_nt.c | 28 ++- source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 2 +- source3/rpcclient/cmd_samr.c | 22 +- source3/script/tests/test_delete_stream.sh | 123 ++++++++++ source3/selftest/tests.py | 5 +- source3/smbd/conn.c | 36 ++- source3/smbd/dir.c | 2 +- source3/smbd/dosmode.c | 24 +- source3/smbd/file_access.c | 2 +- source3/smbd/filename.c | 9 +- source3/smbd/files.c | 17 +- source3/smbd/open.c | 70 +++--- source3/smbd/oplock.c | 13 +- source3/smbd/posix_acls.c | 2 +- source3/smbd/proto.h | 8 +- source3/smbd/pysmbd.c | 4 +- source3/smbd/service.c | 6 +- source3/smbd/smb2_getinfo.c | 28 +++ source3/smbd/smb2_server.c | 1 + source3/smbd/smbXsrv_tcon.c | 11 +- source3/smbd/vfs.c | 54 +++++ source3/torture/cmd_vfs.c | 12 +- source3/utils/py_net.c | 9 +- source3/winbindd/winbindd_cred_cache.c | 16 +- source3/winbindd/winbindd_pam.c | 14 -- source3/winbindd/winbindd_proto.h | 1 - source4/libcli/smb2/util.c | 37 ++- source4/selftest/tests.py | 1 + source4/torture/rpc/mdssvc.c | 17 +- source4/torture/smb2/create.c | 48 ++++ source4/torture/smb2/getinfo.c | 147 ++++++++++++ source4/torture/smb2/lease.c | 208 +++++++++++++++++ source4/torture/smb2/oplock.c | 10 +- source4/torture/smb2/smb2.c | 1 + source4/torture/smb2/streams.c | 361 ++++++++++++++++++++++++++++- 50 files changed, 1703 insertions(+), 389 deletions(-) create mode 100755 source3/script/tests/test_delete_stream.sh Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index fdfc7634929..5762c28f102 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ ######################################################## SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=15 -SAMBA_VERSION_RELEASE=9 +SAMBA_VERSION_RELEASE=10 ######################################################## # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index c663534b63e..8c22b675d54 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,68 @@ + =============================== + Release Notes for Samba 4.15.10 + September 28, 2022 + =============================== + + +This is the latest stable release of the Samba 4.15 release series. + + +Changes since 4.15.9 +-------------------- + +o Jeremy Allison <j...@samba.org> + * BUG 15128: Possible use after free of connection_struct when iterating + smbd_server_connection->connections. + * BUG 15174: smbXsrv_connection_shutdown_send result leaked. + +o Ralph Boehme <s...@samba.org> + * BUG 15086: Spotlight RPC service returns wrong response when Spotlight is + disabled on a share. + * BUG 15126: acl_xattr VFS module may unintentionally use filesystem + permissions instead of ACL from xattr. + * BUG 15153: Missing SMB2-GETINFO access checks from MS-SMB2 3.3.5.20.1. + * BUG 15161: assert failed: !is_named_stream(smb_fname)") at + ../../lib/util/fault.c:197. + +o Stefan Metzmacher <me...@samba.org> + * BUG 15148: Missing READ_LEASE break could cause data corruption. + +o Andreas Schneider <a...@samba.org> + * BUG 15124: rpcclient can crash using setuserinfo(2). + * BUG 15132: Samba fails to build with glibc 2.36 caused by including + <sys/mount.h> in libreplace. + +o Joseph Sutton <josephsut...@catalyst.net.nz> + * BUG 15152: SMB1 negotiation can fail to handle connection errors. + +o Michael Tokarev <m...@tls.msk.ru> + * BUG 15078: samba-tool domain join segfault when joining a samba ad domain. + + +####################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical:matrix.org matrix room, or +#samba-technical IRC channel on irc.libera.chat. + + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.1 and newer product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- ============================== Release Notes for Samba 4.15.9 July 27, 2022 @@ -67,8 +132,7 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- +---------------------------------------------------------------------- ============================== Release Notes for Samba 4.15.8 June 28, 2022 diff --git a/lib/replace/system/filesys.h b/lib/replace/system/filesys.h index 034e5d5886c..bb9482c69af 100644 --- a/lib/replace/system/filesys.h +++ b/lib/replace/system/filesys.h @@ -36,7 +36,8 @@ #include <sys/param.h> #endif -#ifdef HAVE_SYS_MOUNT_H +/* This include is required on UNIX (*BSD, AIX, ...) for statfs() */ +#if !defined(LINUX) && defined(HAVE_SYS_MOUNT_H) #include <sys/mount.h> #endif @@ -44,6 +45,7 @@ #include <mntent.h> #endif +/* This include is required on Linux for statfs() */ #ifdef HAVE_SYS_VFS_H #include <sys/vfs.h> #endif diff --git a/lib/replace/wscript b/lib/replace/wscript index 782ac5bd550..87e2010f52b 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -31,6 +31,9 @@ def configure(conf): conf.env.standalone_replace = conf.IN_LAUNCH_DIR() + if sys.platform.rfind('linux') > -1: + conf.DEFINE('LINUX', '1') + conf.DEFINE('BOOL_DEFINED', 1) conf.DEFINE('HAVE_LIBREPLACE', 1) conf.DEFINE('LIBREPLACE_NETWORK_CHECKS', 1) diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index 7579fa1c378..5d5b5ac45fd 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -4469,7 +4469,11 @@ static void smbXcli_negprot_smb1_done(struct tevent_req *subreq) NULL, /* pinbuf */ expected, ARRAY_SIZE(expected)); TALLOC_FREE(subreq); - if (inhdr == NULL || tevent_req_nterror(req, status)) { + if (tevent_req_nterror(req, status)) { + return; + } + if (inhdr == NULL) { + tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); return; } @@ -5009,7 +5013,11 @@ static void smbXcli_negprot_smb2_done(struct tevent_req *subreq) status = smb2cli_req_recv(subreq, state, &iov, expected, ARRAY_SIZE(expected)); - if (tevent_req_nterror(req, status) || iov == NULL) { + if (tevent_req_nterror(req, status)) { + return; + } + if (iov == NULL) { + tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); return; } diff --git a/selftest/knownfail b/selftest/knownfail index cab556be477..1ff68338132 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -175,6 +175,7 @@ ^samba4.smb2.oplock.stream1 # samba 4 oplocks are a mess ^samba4.smb2.oplock.statopen1\(ad_dc_ntvfs\)$ # fails with ACCESS_DENIED on a SYNCHRONIZE_ACCESS open ^samba4.smb2.getinfo.complex # streams on directories does not work +^samba4.smb2.getinfo.getinfo_access\(ad_dc_ntvfs\) # Access checks not implemented ^samba4.smb2.getinfo.qfs_buffercheck # S4 does not do the INFO_LENGTH_MISMATCH/BUFFER_OVERFLOW thingy ^samba4.smb2.getinfo.qfile_buffercheck # S4 does not do the INFO_LENGTH_MISMATCH/BUFFER_OVERFLOW thingy ^samba4.smb2.getinfo.qsec_buffercheck # S4 does not do the BUFFER_TOO_SMALL thingy @@ -206,10 +207,8 @@ ^samba3.smb2.oplock.stream1 ^samba3.smb2.streams.rename ^samba3.smb2.streams.rename2 -^samba3.smb2.streams.attributes ^samba3.smb2.streams streams_xattr.rename\(nt4_dc\) ^samba3.smb2.streams streams_xattr.rename2\(nt4_dc\) -^samba3.smb2.streams streams_xattr.attributes\(nt4_dc\) ^samba3.smb2.getinfo.complex ^samba3.smb2.getinfo.fsinfo # quotas don't work yet ^samba3.smb2.setinfo.setinfo diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 43bce06c6d9..fdb550a8f66 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -3214,6 +3214,13 @@ sub provision($$) copy = tmp vfs objects = streams_xattr xattr_tdb +[acl_streams_xattr] + copy = tmp + vfs objects = acl_xattr streams_xattr fake_acls xattr_tdb + acl_xattr:ignore system acls = yes + acl_xattr:security_acl_name = user.acl + xattr_tdb:ignore_user_xattr = yes + [compound_find] copy = tmp smbd:find async delay usec = 10000 diff --git a/source3/include/proto.h b/source3/include/proto.h index 20d026f83b3..f38b286cab1 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -82,6 +82,9 @@ NTSTATUS vfs_at_fspcwd(TALLOC_CTX *mem_ctx, struct connection_struct *conn, struct files_struct **_fsp); +NTSTATUS vfs_fget_dos_attributes(struct files_struct *fsp, + uint32_t *dosmode); + #include "source3/lib/interface.h" /* The following definitions come from lib/ldap_debug_handler.c */ diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 6caeebe6037..f1a1e036050 100755 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -1,4 +1,4 @@ -/* +/* Unix SMB/CIFS implementation. ads (active directory) utility library Copyright (C) Andrew Tridgell 2001 @@ -41,7 +41,7 @@ * * The routines contained here should do the necessary ldap calls for * ads setups. - * + * * Important note: attribute names passed into ads_ routines must * already be in UTF-8 format. We do not convert them because in almost * all cases, they are just ascii (which is represented with the same @@ -243,7 +243,7 @@ bool ads_closest_dc(ADS_STRUCT *ads) return True; } - DEBUG(10,("ads_closest_dc: %s is not the closest DC\n", + DEBUG(10,("ads_closest_dc: %s is not the closest DC\n", ads->config.ldap_server_name)); return False; @@ -269,7 +269,7 @@ static bool ads_try_connect(ADS_STRUCT *ads, bool gc, print_sockaddr(addr, sizeof(addr), ss); - DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n", + DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n", addr, ads->server.realm)); ZERO_STRUCT( cldap_reply ); @@ -357,6 +357,10 @@ static NTSTATUS cldap_ping_list(ADS_STRUCT *ads, for (i = 0; i < count; i++) { char server[INET6_ADDRSTRLEN]; + if (is_zero_addr(&sa_list[i].u.ss)) { + continue; + } + print_sockaddr(server, sizeof(server), &sa_list[i].u.ss); if (!NT_STATUS_IS_OK( @@ -528,6 +532,10 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) ok = get_dc_name(c_domain, c_realm, srv_name, &ip_out); if (ok) { + if (is_zero_addr(&ip_out)) { + return NT_STATUS_NO_LOGON_SERVERS; + } + /* * we call ads_try_connect() to fill in the * ads->config details @@ -657,6 +665,12 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads) status = ADS_ERROR_NT(NT_STATUS_NOT_FOUND); goto out; } + + if (is_zero_addr(&ss)) { + status = ADS_ERROR_NT(NT_STATUS_NOT_FOUND); + goto out; + } + ok = ads_try_connect(ads, ads->server.gc, &ss); if (ok) { goto got_connection; @@ -863,7 +877,7 @@ static struct berval *dup_berval(TALLOC_CTX *ctx, const struct berval *in_val) /* Make a values list out of an array of (struct berval *) */ -static struct berval **ads_dup_values(TALLOC_CTX *ctx, +static struct berval **ads_dup_values(TALLOC_CTX *ctx, const struct berval **in_vals) { struct berval **values; @@ -933,8 +947,8 @@ static char **ads_pull_strvals(TALLOC_CTX *ctx, const char **in_vals) /** * Do a search with paged results. cookie must be null on the first * call, and then returned on each subsequent call. It will be null - * again when the entire search is complete - * @param ads connection to ads server + * again when the entire search is complete + * @param ads connection to ads server * @param bind_path Base dn for the search * @param scope Scope of search (LDAP_SCOPE_BASE | LDAP_SCOPE_ONE | LDAP_SCOPE_SUBTREE) * @param expr Search expression - specified in local charset @@ -948,7 +962,7 @@ static ADS_STATUS ads_do_paged_search_args(ADS_STRUCT *ads, const char *bind_path, int scope, const char *expr, const char **attrs, void *args, - LDAPMessage **res, + LDAPMessage **res, int *count, struct berval **cookie) { int rc, i, version; @@ -968,8 +982,8 @@ static ADS_STATUS ads_do_paged_search_args(ADS_STRUCT *ads, if (!(ctx = talloc_init("ads_do_paged_search_args"))) return ADS_ERROR(LDAP_NO_MEMORY); - /* 0 means the conversion worked but the result was empty - so we only fail if it's -1. In any case, it always + /* 0 means the conversion worked but the result was empty + so we only fail if it's -1. In any case, it always at least nulls out the dest */ if (!push_utf8_talloc(ctx, &utf8_expr, expr, &converted_size) || !push_utf8_talloc(ctx, &utf8_path, bind_path, &converted_size)) @@ -1015,8 +1029,8 @@ static ADS_STATUS ads_do_paged_search_args(ADS_STRUCT *ads, NoReferrals.ldctl_value.bv_len = 0; NoReferrals.ldctl_value.bv_val = discard_const_p(char, ""); - if (external_control && - (strequal(external_control->control, ADS_EXTENDED_DN_OID) || + if (external_control && + (strequal(external_control->control, ADS_EXTENDED_DN_OID) || strequal(external_control->control, ADS_SD_FLAGS_OID))) { ExternalCtrl.ldctl_oid = discard_const_p(char, external_control->control); @@ -1061,15 +1075,15 @@ static ADS_STATUS ads_do_paged_search_args(ADS_STRUCT *ads, /* we need to disable referrals as the openldap libs don't handle them and paged results at the same time. Using them - together results in the result record containing the server - page control being removed from the result list (tridge/jmcd) + together results in the result record containing the server + page control being removed from the result list (tridge/jmcd) leaving this in despite the control that says don't generate referrals, in case the server doesn't support it (jmcd) */ ldap_set_option(ads->ldap.ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); - rc = ldap_search_with_timeout(ads->ldap.ld, utf8_path, scope, utf8_expr, + rc = ldap_search_with_timeout(ads->ldap.ld, utf8_path, scope, utf8_expr, search_attrs, 0, controls, NULL, LDAP_NO_LIMIT, (LDAPMessage **)res); @@ -1150,7 +1164,7 @@ done: static ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, int scope, const char *expr, - const char **attrs, LDAPMessage **res, + const char **attrs, LDAPMessage **res, int *count, struct berval **cookie) { return ads_do_paged_search_args(ads, bind_path, scope, expr, attrs, NULL, res, count, cookie); @@ -1158,9 +1172,9 @@ static ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, /** - * Get all results for a search. This uses ads_do_paged_search() to return + * Get all results for a search. This uses ads_do_paged_search() to return * all entries in a large search. - * @param ads connection to ads server + * @param ads connection to ads server * @param bind_path Base dn for the search * @param scope Scope of search (LDAP_SCOPE_BASE | LDAP_SCOPE_ONE | LDAP_SCOPE_SUBTREE) * @param expr Search expression @@ -1181,7 +1195,7 @@ static ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, status = ads_do_paged_search_args(ads, bind_path, scope, expr, attrs, args, res, &count, &cookie); - if (!ADS_ERR_OK(status)) + if (!ADS_ERR_OK(status)) return status; #ifdef HAVE_LDAP_ADD_RESULT_ENTRY @@ -1221,7 +1235,7 @@ static ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, ADS_STATUS ads_do_search_all_sd_flags(ADS_STRUCT *ads, const char *bind_path, int scope, const char *expr, - const char **attrs, uint32_t sd_flags, + const char **attrs, uint32_t sd_flags, LDAPMessage **res) { ads_control args; @@ -1248,7 +1262,7 @@ static ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path, **/ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, int scope, const char *expr, const char **attrs, - bool (*fn)(ADS_STRUCT *, char *, void **, void *), + bool (*fn)(ADS_STRUCT *, char *, void **, void *), void *data_area) { struct berval *cookie = NULL; @@ -1287,7 +1301,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, * @param res ** which will contain results - free res* with ads_msgfree() * @return status of search **/ - ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope, + ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope, const char *expr, const char **attrs, LDAPMessage **res) { @@ -1302,8 +1316,8 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, return ADS_ERROR(LDAP_NO_MEMORY); } - /* 0 means the conversion worked but the result was empty - so we only fail if it's negative. In any case, it always + /* 0 means the conversion worked but the result was empty + so we only fail if it's negative. In any case, it always at least nulls out the dest */ if (!push_utf8_talloc(ctx, &utf8_expr, expr, &converted_size) || !push_utf8_talloc(ctx, &utf8_path, bind_path, &converted_size)) @@ -1330,7 +1344,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, ldap_set_option(ads->ldap.ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); rc = ldap_search_with_timeout(ads->ldap.ld, utf8_path, scope, utf8_expr, - search_attrs, 0, NULL, NULL, + search_attrs, 0, NULL, NULL, LDAP_NO_LIMIT, (LDAPMessage **)res); @@ -1353,10 +1367,10 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, * @param attrs Attributes to retrieve * @return status of search **/ - ADS_STATUS ads_search(ADS_STRUCT *ads, LDAPMessage **res, + ADS_STATUS ads_search(ADS_STRUCT *ads, LDAPMessage **res, const char *expr, const char **attrs) { - return ads_do_search(ads, ads->config.bind_path, LDAP_SCOPE_SUBTREE, + return ads_do_search(ads, ads->config.bind_path, LDAP_SCOPE_SUBTREE, expr, attrs, res); } @@ -1368,7 +1382,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, * @param attrs Attributes to retrieve * @return status of search **/ - ADS_STATUS ads_search_dn(ADS_STRUCT *ads, LDAPMessage **res, + ADS_STATUS ads_search_dn(ADS_STRUCT *ads, LDAPMessage **res, const char *dn, const char **attrs) { return ads_do_search(ads, dn, LDAP_SCOPE_BASE, "(objectclass=*)", @@ -1511,8 +1525,8 @@ ADS_MODLIST ads_init_mods(TALLOC_CTX *ctx) /* add an attribute to the list, with values list already constructed */ -static ADS_STATUS ads_modlist_add(TALLOC_CTX *ctx, ADS_MODLIST *mods, - int mod_op, const char *name, +static ADS_STATUS ads_modlist_add(TALLOC_CTX *ctx, ADS_MODLIST *mods, + int mod_op, const char *name, const void *_invals) { int curmod; @@ -1541,7 +1555,7 @@ static ADS_STATUS ads_modlist_add(TALLOC_CTX *ctx, ADS_MODLIST *mods, if (!(modlist = talloc_realloc(ctx, modlist, LDAPMod *, curmod+ADS_MODLIST_ALLOC_SIZE+1))) return ADS_ERROR(LDAP_NO_MEMORY); - memset(&modlist[curmod], 0, + memset(&modlist[curmod], 0, ADS_MODLIST_ALLOC_SIZE*sizeof(LDAPMod *)); modlist[curmod+ADS_MODLIST_ALLOC_SIZE] = (LDAPMod *) -1; *mods = (ADS_MODLIST)modlist; @@ -1570,7 +1584,7 @@ static ADS_STATUS ads_modlist_add(TALLOC_CTX *ctx, ADS_MODLIST *mods, * @param val The value to add - NULL means DELETE * @return ADS STATUS indicating success of add **/ -ADS_STATUS ads_mod_str(TALLOC_CTX *ctx, ADS_MODLIST *mods, +ADS_STATUS ads_mod_str(TALLOC_CTX *ctx, ADS_MODLIST *mods, const char *name, const char *val) { const char *values[2]; @@ -1596,7 +1610,7 @@ ADS_STATUS ads_mod_strlist(TALLOC_CTX *ctx, ADS_MODLIST *mods, { if (!vals) return ads_modlist_add(ctx, mods, LDAP_MOD_DELETE, name, NULL); - return ads_modlist_add(ctx, mods, LDAP_MOD_REPLACE, + return ads_modlist_add(ctx, mods, LDAP_MOD_REPLACE, name, (const void **) vals); } @@ -1608,7 +1622,7 @@ ADS_STATUS ads_mod_strlist(TALLOC_CTX *ctx, ADS_MODLIST *mods, * @param val The value to add - NULL means DELETE * @return ADS STATUS indicating success of add **/ -- Samba Shared Repository